A Cooperative Intrusion Detection Model Based on Granular Computing and Agent Technologies

  • Authors:
  • Wei Zhang;Shaohua Teng;Haibin Zhu;Dongning Liu

  • Affiliations:
  • School of Computers, Guangdong University of Technology, Guangzhou, China;School of Computers, Guangdong University of Technology, Guangzhou, China;Collaborative Systems Laboratory, Nipissing University, North Bay, Canada;School of Computers, Guangdong University of Technology, Guangzhou, China

  • Venue:
  • International Journal of Agent Technologies and Systems
  • Year:
  • 2013

Quantified Score

Hi-index 0.00

Visualization

Abstract

This paper initially analyzes the methods of four attack types, including Probing, DoS Denial of Service, R2L Remote to Local and U2R User to Root. It then categorizes attacks into four cases which are, respectively, one host-one host, one host-many hosts, many hosts-one host and many hosts-many hosts. Categorization is based on resource and destination addresses of network packages. Granular computing methodology is then applied to intrusion detection. With the support of the granular computing methodology and agent technologies, a cooperative intrusion detection model is proposed. Furthermore, the construction for an intrusion detection agent is presented. Finally, experiments are conducted. Results indicate that the proposed method can detect slow scanning attacks which cannot be detected by a traditional scanning detector.